oski | 0c99470b0c0952b9f367fcc95f7c057908227f3360ab56eb7d6344e06991ff78 | Triage

Submit
Reports

Overview

overview

Static

static

1

9722cdf9c4...a5.ps1

windows7-x64

1

9722cdf9c4...a5.ps1

windows10-2004-x64

Sharing

General

Target

9722cdf9c49d3fc94ffa7dd0a2710aa5
Size

656KB
Sample

231222-qbbgqsddgj
MD5

9722cdf9c49d3fc94ffa7dd0a2710aa5
SHA1

3372c9e837a46bbeced8b4428979605273e1cf6c
SHA256

0c99470b0c0952b9f367fcc95f7c057908227f3360ab56eb7d6344e06991ff78
SHA512

c966df35142628043fbb78eb2c31440385361c6b53cf8112b74d49fbf8e44eab71eb3b190e765308ada138e145302c67f429c6523f6fd09b0f92fc5adc731926
SSDEEP

12288:EZjw0RJ9u5ILYDxD3fxYehza/tw6408TVkc5A+:g3oTmr+

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

9722cdf9c49d3fc94ffa7dd0a2710aa5.ps1

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

9722cdf9c49d3fc94ffa7dd0a2710aa5.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l1/

Targets

- Target
  
  9722cdf9c49d3fc94ffa7dd0a2710aa5
- Size
  
  656KB
- MD5
  
  9722cdf9c49d3fc94ffa7dd0a2710aa5
- SHA1
  
  3372c9e837a46bbeced8b4428979605273e1cf6c
- SHA256
  
  0c99470b0c0952b9f367fcc95f7c057908227f3360ab56eb7d6344e06991ff78
- SHA512
  
  c966df35142628043fbb78eb2c31440385361c6b53cf8112b74d49fbf8e44eab71eb3b190e765308ada138e145302c67f429c6523f6fd09b0f92fc5adc731926
- SSDEEP
  
  12288:EZjw0RJ9u5ILYDxD3fxYehza/tw6408TVkc5A+:g3oTmr+
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy